Join 1/2 Day Workshop : How To Perform Penetration Testing On Industrial Control Systems And Operational Technology Safely

We are hosting a session and would request all interested to join us and have your security team members join us too. You could also share it with others who would find value

Workshop : How To Perform Penetration Testing On Industrial Control Systems And Operational Technology Safely

17th December, Thursday (6:30 PM India or 8 AM EST)

Duration : 6 hour

About Session : 

Industrial control systems (ICS), including supervisory control and data acquisition (SCADA) are found in many national critical infrastructure industries such as oil and natural gas, electric utilities, transportation, petrochemical and refining, water and wastewater, pharmaceutical, and manufacturing. Due to the high availability nature of these systems, any security testing must ensure that these systems are not affected operationally. Traditional IT Penetration Testing techniques are too harsh and potentially damaging to these sensitive systems. This educational presentation will first provide an overview of how ICS systems work, their vulnerabilities, and threats to these systems. The second part of this short training course will dive into proven methodologies and tools that our team has used to safely perform penetration testing on these systems. Lastly, this talk will conclude with best practices to secure and defend ICS and OT systems from cyber incidents.

( Link To Register Click Here )

Agenda

  • ICS Systems Overview
    • ICS Inputs, Outputs, and Sensor Networks
    • Controllers, Embedded Systems and Protocols
    • SCADA and ICS Protocols

  • Penetrating ICS Systems Safely
    • Recent Threats to ICS-SCADA Systems
    • ICS System Testing Methodology
    • Penetration Testing ICS Systems - OSINT and Internet Layer
    • Penetration Testing ICS Systems - Corporate Layer
    • Penetration Testing ICS Systems - OT DMZ and HMI Layers (3 and 2)
    • Penetration Testing ICS Systems - ICS Protocols and Controllers Layer

  • ICS Defense-in-Depth and Risk Management Strategy
    • SCADA DMZ Design and Network Segmentation
    • SCADA Remote Access Design Considerations        
    • Deployment of IDS/IPS - Including Custom Signatures
    • Security Event Monitoring and Logging for SCADA
    • Overview of Security Frameworks that impact SCADA (NIST 800-53, NIST 800-82, ISA S99, CFATS, NERC CIP)

( Link To Register Click Here )

Speaker Details : 

Jonathan Pollet
Founder at Red Tiger Security, Black Hat USA Trainer

He has over 20 years of experience in both Industrial Process Control Systems and Cyber Security. In 2001 he began to publish several white papers that exposed the need for security for Industrial Control Systems (ICS). Pollet and his team have conducted over 300 security assessments of live Industrial Control Systems globally. Throughout his career, he has been involved with SANS, IEEE, ISA, ISSA, EEI, UTC, CSIA, NERC, and several other professional societies and has spoken in over 200 conferences and workshops around the world. He has also been featured on Fox News, CNN, CNBC, Vanity Fair, Popular Mechanics, CIO Magazine, and several security publications.

Views: 137

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform


Forum

Security Trends and Emerging Technologies That A CISO Should Adopt In 2021

Started by Priyanka Aash on Wednesday. 0 Replies

What are the challenges you as a CISO have been facing since the last year and share some security trends that are catching up? Help the community by sharing your knowledge and personal views on this subject. Or if you have any specific questions…Continue

CISO as an enabler

Started by Maheshkumar Vagadiya Jul 30, 2020. 0 Replies

Share the instances where you were able to convince the Executive management /board that CISO function is enabler rather then a hindrance.Thanks youMaheshContinue

Has Anyone Evaluated Digital Signature (like Docusign)?

Started by CISO Platform. Last reply by Yogesh Nov 19, 2020. 2 Replies

(question posted on behalf of a CISO member)Has anyone evaluated digital signature (like Docusign), any specific risk/ security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.Continue

What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?

Started by CISO Platform. Last reply by ANAND SHRIMALI May 20, 2020. 4 Replies

(question posted on behalf of a CISO member)What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?Related Question: …Continue

Follow us

Contact Us

Email: contact@cisoplatform.com

Mobile: +91 99002 62585

InfoSec Media Private Limited,First Floor,# 48,Dr DV Gundappa Road, Basavanagudi,Bangalore,Karnataka - 560004

© 2021   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service

/* */